Monthly Archives: April 2016

My new issue brief, published by the Columbia Law School Center for the Advancement of Public Integrity, is based on extensive academic research, a review of primary data from FCPA investigations, and interviews with 23 expert integrity practitioners. The research aims to answer one simple question – what do corrupt organizations have in common? It seemed to me that any attempt to build more sustainable and ethical organizational cultures relies on understanding the answer to this question. I used approaches based on organizational psychology and behavioral ethics, combined with my own experience in corruption risk management.

My work provided a highly consistent, and revealing, set of answers. A full discussion is within the paper itself, but broadly speaking, the following organizational characteristics are likely to be indicators of an ethical problem:

Strategy: Growth is the primary goal, and all others are irrelevant; competition is high, and it is agreed that the ends justify the means. There is little regard for the ‘social licence to operate’.

Leadership: Leadership is complacent; diffuses accountability, opaque and arrogant. Information is hoarded –communication is restricted and top down. There is complacency, and a lack of engagement with business conditions on the front line – just enough to maintain plausible deniability.

Structure:High local devolution and autonomy combines with limited oversight. The group or team isolates itself, by design or circumstance. This isolation creates a sense of mystique.

Authority: Decision-making is strongly hierarchical and directive, with little consultation, and a strong sense of urgency and necessity. Leadership is high status and cannot be questioned.

Incentives: Incentives emphasize high pressure and high rewards. Discretionary bonuses and targets are unrealistic, set without regard to market conditions or risk.

Values and Beliefs: The workplace will hold a pervasive culture of fear, necessity, insecurity, powerlessness, and intense rivalry. The language is of war, games and sport. Corrupt processes are described with jokes and euphemisms, reflecting the need to create distance and reduce shame.

Norms and Behaviors: There is pervasive secrecy, defensiveness, and a lack of pride in the organization.

This research was conducted over a year ago, but recent events seem to definitively support its primary conclusions. It is still early days in the Unaoil investigation, but the massive leak of internal emails provide a treasure trove of information on organizational behavior and ethics. There is apparent evidence that Unaoil’s clients were driven by a sense of urgency, necessity and a desire to eliminate the competition – Leighton Offshore reportedly selected Unaoil because “ they have a plan to win and are hungry and can do the job”. Leadership in Unaoil seems to have been highly top down and directive, with all communications and decisions flowing through Cyrus Ahsani. Even more obvious is the use of code words, jokes and euphemisms to describe the corruption, with bribery referred to as ‘days available’, ‘holiday arrangements’ and ‘train times’.

While such data leaks have numerous dramatic implications for the future of transparency, not least is the opportunity they provide to ethics specialists to understand the intricacies of organizational cultures of corruption. It is a very exciting time to be working in this area, and I am now developing my research further, in tandem with tools to measure and improve organizational ethics.

Alison Taylor is the Director of Advisory Services for BSR (Business for Social Responsibility). Her bio can be found here. Also, here is a link to my video interview with Alison on “How Organizations Impact Corruption.”

Last week’s joint investigation by Huffington Post and Fairfax Media into oil intermediary Unaoil, which offered up revelations that seem to implicate a number of big oil and gas companies in grand corruption, quickly provoked a dramatic raid by authorities in Monaco. Within days, the Unaoil case was dwarfed by history’s biggest data leak, 40 years’ worth of beneficial ownership data from Mossack Fonseca, a law firm specializing in the structuring and management of offshore corporate structures in Panama and across the globe. While hardly new, the Mossack Fonseca story offers a trove of evidence of involvement by at least a dozen current and former political national leaders. The twin leaks, which accompany a popular focus on inequality and an unprecedented public mistrust of business and government, give a massive adrenalin shot to transparency. The revelations should inspire a fresh approach to ethics and anti-corruption, causing companies to change how they operate.

The transformation of the transparency environment traces back to 2010, when (thanks to WikiLeaks) Tunisians were suddenly able to read the contents of a diplomatic cable describing in detail the web of assets held by the country’s ruling family — wealth often secured via extortion and expropriation. Anger led to the overthrow of Tunisia’s regime, setting off the so-called Arab Spring and a general worldwide rage against self-interested, inefficient regimes. In Russia, activist journalists began flagging and highlighting corrupt relationships. China’s government launched a broad crackdown that, while unquestionably convenient to the authorities in its targeting, was partially intended to placate public rage. And in Brazil, the Petrobras revelations revealed a cancer of corruption riddling the private sector and national political class. Everywhere, unease and outrage has been fueled by disillusionment among mainly middle-class protestors who are economically ambitious, technologically savvy, and bent on asserting the right to be free of corrupt governance.

Meanwhile, in New York, London, and Hong Kong, ordinary residents were being priced out of their homes. As they began asking questions, it became clear that the movement of offshore money was driving much of the inflation in “local” property prices. Governments started mulling crackdowns on anonymous investors and companies. In 2011, for instance, Prime Minister David Cameron promised to end “tax secrecy” in the U.K. But little action was taken. The problem? Offshore companies are not only legal; they are standard business conduits for most of the world’s biggest companies. The breadth and depth of vested interests in the offshore economy means that national regulators and political leaders necessarily lack both the will and the agency to tackle the problem effectively. This is a problem that requires global collaboration to solve, and the effort is complicated by the fact offshore ownership is only a problem sometimes. While transparency campaigners were comforted to witness increased pressure on tax havens, they saw little movement. Companies conducted business as usual, and the public in the West shrugged.

But the arrival of Edward Snowden turns out to have driven a new form of transparency activism. Civil society organizations such as Global Witness, Sherpa, and the International Consortium of Investigative Journalists had long been conducting painstaking research into the financial networks of kleptocrats and criminals. But the launch in 2014 by Transparency International of its Unmask the Corrupt campaign was a definitive sign that times had changed.

Technologically sophisticated whistleblowing has boosted the work of this network of NGOs and investigators. However advanced any company’s cyber-security program, it is difficult for administrators to control the actions of disgruntled ex-employees who may perceive little to lose amid a growing market for leaks of information about corruption. Unlike the financial crisis — where banker misuse of obscure derivative instruments did not lend itself to an exciting storyline— Unaoil and the Panama Papers proffer juicy tales of wealth, greed, and hypocrisy. In the context of economic inequality and political populism, this is an incendiary mix.

In 2016, it appears that the secrecy that has historically protected beneficial ownership structures or illegitimate payments can no longer be guaranteed. Both Unaoil and Mossack Fonseca are intermediaries – the former accused of paying bribes to secure contracts and the latter said to have guaranteed that ill-gotten assets could be reliably secured from public scrutiny. There are in fact relatively few such intermediary operations, and they serve as critical connection points. A finite number of agents, fixers, brokers and incorporation agents serve a high proportion of the world’s wealthiest, most influential people. Penetrating a single channel can trigger quite a domino effect.

The threat of reputational risk is evolving and growing rapidly. Companies and individuals must begin operating on the principle that anything and everything they do might become public knowledge at any moment. With hyper-transparency now a contextual reality, ticking a compliance box on some form and pledging to “do the right thing” won’t count for much. Avoiding exposure to bribery and corruption charges has become a matter of hard-core self-interest.

Alison Taylor is the Director of Advisory Services for BSR (Business for Social Responsibility). Her bio can be found here. Also, here is a link to my video interview with Alison on “How Organizations Impact Corruption.”

Interesting article? Would you like to know more?

The following interview is with Ricardo Pellafone, Creative Director & Founder, The Broadcat, www.thebroadcat.com

RTB: Tell us a little about your background and current work.

RP: I’m an investigator-turned-compliance-startup-founder, with pretty much my entire career being spent in compliance.

I started off as outside counsel about ten years ago, where I developed a niche in doing compliance investigations. That ended up taking me to an in-house compliance job for a sovereign wealth company in Abu Dhabi; after that, I was a director on the compliance team at a Fortune 200 tech company in California. And now I’m in Dallas, where I lead my company, Broadcat; we make simplified, task-oriented training.

So, short version, I’m a compliance professional that likes to live in places with painfully hot summers. I grew up outside of Detroit, so I’m just happy to never hear the phrase “lake effect weather” ever again—which, if you’re unfamiliar, is a Michigan euphemism for “you could cry about how cold it is, but your tears would freeze your eyes shut.”

RTB: Why did you move from investigations into training?

RP: I’m trying to solve a problem I’d had—that most training doesn’t seem to translate to real life. I’ve done investigation interviews where a front-line employee remembered training and could correctly recite the guidance, but had zero understanding of how that would translate to their actual job tasks.

That is—and this is compliance jargon, here—“not awesome.”

It’s good to be able to show that people certified to training, but training isn’t an end in itself; the purpose of training is to increase compliance. And to increase compliance, training has to translate to the real world.

My pre-law degree was in psych, so I dragged out the social science on transfer—how we go from learning something to actually using it. I then started developing my own training, and that eventually turned into Broadcat.

We make materials that are framed around real-world tasks; for example, I don’t make learning modules on anticorruption or cybersecurity or whatever, because only compliance people and lawyers think in terms of abstract risks like that.

Instead, we make task-oriented stuff like “here’s how to review an invoice for red flags” and “here’s how to detect a phishing email,” and then we give them to companies in formats that they can edit and customize themselves. Here’s an example of one of the pieces we license.

RTB: You tend to write a lot about simplicity. What is that, and why is it important to compliance?

Simplicity is kind of the word of the moment in compliance, but I think it’s usually used incorrectly. It’s often used to describe things that are just easy to understand or engaging—and of course, both of those things are incredibly important in anything you do.

But simple things are first and foremost useful. So when I talk about simplicity, what I mean is that you’re doing something that directly relates to the goal of compliance—helping front-line people do their job tasks compliantly.

The reason it’s important is because increasing front-line compliance is the whole point. If you’re giving training that is engaging and easy-to-understand but doesn’t help front-line employees do their jobs compliantly, you might as well be sending them cat videos from YouTube.

Actually, the cat videos would be better, because they’re free and everyone loves cat videos.

And, obviously, it’s also important because it’s what the government is telling you to do, and they tend to, you know, enforce the laws and such.

RTB: Can you give an example of that?

RP: Sure. Laura Jacobus at LRN recently did a really nice interview with Hui Chen, the DOJ’s compliance expert. When Laura asked Hui how she knows if a company has a real or paper compliance program, here’s what she said (in part):

“I also look to see how the most front-line workers understand their jobs: Does the clerk in the accounts-payable room understand his job to be processing payments as quickly as he can, or does he understand that he is supposed to keep an eye on certain things and escalate issues he identifies? Does the new salesperson understand her job to be making the deal at all costs, or does she understand that there are boundaries?”

Those are great questions—because that is actual compliance.

But there are companies that have amazingly polished Codes of Conduct and elaborate e-learning systems that can’t answer them. And we have a name in the compliance world for companies that have award-winning training materials but no front-line compliance: Enron.

RTB: So if a company is just starting out in compliance, what advice would you give to a compliance team in keeping things simple?

RP: Two things, I think.

First, be ruthless in setting your priorities and remember that your job is to increase front-line compliance, not do stuff just because other companies are doing it. If you have a newsletter and e-learning and an interactive Code but no one on your team knows how your salespeople close deals or your accounts payable folks review invoices, you’re doing it wrong.

Second, and related: focus on getting to know your business processes really well. As in-house compliance, you’re the only person that can figure out how your people review invoices, or set pricing, or ship prototypes—and those are the things that will determine whether you’re compliant. You can outsource everything else, but that’s your unique niche, and that’s where you need to focus.

RTB: Thank you Ricardo, how can people contact you?

RP: Our website is thebroadcat.com, and that’s our handle on LinkedIn, Twitter, and Facebook too. You can also contact me directly by shooting me a note at [email protected]

Upcoming Speaking Events

The Conference Board of Canada will host the National Corporate Ethics and Integrity Summit, in Toronto Canada, which will examine the latest developments in ethics and compliance. It will bring together corporate leaders and ethics(...)

At the 12th International Pharmaceutical and Medical Device Compliance Congress in Vienna, I will engage in a ‘fireside chat’ with Paul Hastings Partner, Gary Giampetruzzi, where we will address the following issues in a keynote presentation, Behind(...)